<?php
//包含数据库配置文件
include '../public/dbconfig.php';
//包含函数库文件
include '../public/func.inc.php';
//调用函数
$link = conn();
//var_dump($link);
//exit;
$username = $_POST['uname'];
$password = md5($_POST['password']);

$sql = "select  id,username,password,qx,pic,tel,edu,sign,email from user where username='{$username}' and password='{$password}'";
//var_dump($sql);
$res = mysqli_query($link,$sql);
//var_dump($res);
//exit;
if($res && mysqli_num_rows($res) > 0){
	$uinfo = mysqli_fetch_assoc($res);
	//用户名有  对比密码
	if($username ==$uinfo['username']){
		include './top.php';
	}
	if($password == $uinfo['password']){
		//密码正确 验证权限
		if($uinfo['qx'] ==1 or 2){
			//有权限  登录成功  存储信息
			session_start();
			$_SESSION['isLogin'] = 1;
			$_SESSION['uid'] = $uinfo['id'];
			$_SESSION['uname'] = $uinfo['username'];
			$_SESSION['qx'] = $uinfo['qx'];
			$_SESSION['pic'] = $uinfo['pic'];
			$_SESSION['tel'] = $uinfo['tel'];
			$_SESSION['edu'] = $uinfo['edu'];
			$_SESSION['sign'] = $uinfo['sign'];
			
			
			//跳转到后台首页
			//header('location:./index.php');
			echo '<script>alert("恭喜，登录成功");window.location.href="index.php";</script>';
			}
		}else{
			//密码错误
			//header('location:./login.php?error=2');
			echo '<script>alert("对不起，你的密码错误,请重新输入");window.location.href="index.php?error=2";</script>';
			
		}

	//释放结果集资源
	mysqli_free_result($res);
}else{
	//登录失败 用户名不存在
	//header('location:./login.php?error=1');
	echo '<script>alert("对不起,您的用户名不存在,请注册");window.location.href="index.php?error=1";</script>';
}
//关闭数据库连接
mysqli_close($link);

?>